Introduction:

WordPress is a remarkably secure platform as long as you follow best practices and keep everything up to date. However, old plugins or themes can contain security vulnerabilities. In fact, this is often part of the reason why the developers ship updates.

It's easy to make sure WordPress is secure if you follow this weekly WordPress maintenance checklist. Make sure to edit it and swap out the names of our sub-domains with any you have that need checking in addition to the main site.

Website:

Create a new issue in the WEB project on JIRA

Make it a "Task" issue and name it something like "Weekly WordPress maintenance".

Paste this output into the JIRA issue description. For each plugin that needs updating, paste in the new changes (not the whole change log) and make note of anything that potentially might break the site.

Create a PR with the updates

Create a new branch with the issue number as its name:

git checkout -b WEB-## staging

Next, actually run the update:

composer update

Commit the branch and open a PR.

(If you don't have a procedure for creating new PRs, click here to get our GitHub pull request checklist)

Assign the issue to your manager

Get approval on your pull request by assigning the issue to your manager.